Planning neutralises fear of ransom note DDoS attacks

‘Prevention is better than cure’ is an old adage that businesses would do well to implement when it comes to the real and current threat of DDoS attacks. Not sure what they are? DDoS stands for distributed denial of service and an attack of this kind denies use of a website, server, network or other Internet service to its users.

When these users are customers who are unable to access a website to browse, buy or compare prices, significant damage is done to the business, not only in terms of sales revenue but also to reputation – according to a recent Ponemon Institute study, 88 per cent of consumers lose trust in a brand when the website is off-line or unavailable.

There was a time when DDoS attacks were rare. First seen in the late 1990s, the early attacks were big enough to take websites down for several hours if not days. Today they are commonplace and are powered by cheap tools that are openly sold online. According to recent survey information, a staggering 40 per cent of EMEA companies’ financial losses due to a DDoS attack during peak hours would be greater than €100,000 per hour of downtime.

Attackers’ tactics are also changing with smaller (40 per cent of attacks are at less than 5 Gbps) but more repeated attacks being made, which distract firms’ security and IT teams while malware is installed to steal trade secrets or valuable data. Some things never change however, and we are starting to see the old criminal tactic of extortion being repurposed for the digital age. This is the ransom note-type DDoS attack where a relatively small but noticeable attack is quickly followed by an email ransom note claiming responsibility and threatening more to come unless money is paid. Often not much money, but there’s the trap – if a susceptible business is tempted to pay a small sum thinking the attacks will stop, all they have actually done is identified your website as one without professional DDoS protection and the attacks and requests for more and more money will continue.

This happened to Team Internet, a leading provider of services in the direct navigation search market, but luckily the company was prepared. “When the note came, I went straight to my Neustar account manager who was unfazed and assured me that SiteProtect could handle the mitigation. This meant I could ignore the ransom note and sure enough, after the first attack there was nothing more. It was the best possible outcome and without Neustar, I would probably have paid,” says Mario Witte, Founder and CTO at Team Internet.

And there’s the crux, businesses that protect their websites with a professional DDoS mitigation service are better prepared to defend against DDoS attacks. DDOS defence preparedness alleviates the fear, stress and worry caused by being on the receiving end of an extortion or ransom note.

The best defence against extortion attempts is planning. Receiving a threat demanding payment when your business is at stake can cause fear and confusion about how to handle it. An internal survey of 157 of Neustar EMEA customers found that 63 per cent have received a ransom-note type DDoS attack but all were able to securely ignore extortion attempts. Neustar is proud that its Neustar SiteProtect customers can confidently focus on their core business and let Neustar handle DDOS defense if and when it’s needed.

However, it’s a different case for companies without professional DDoS protection – they must be very careful not to be drawn in to an ongoing extortion scenario. Experienced DDoS defenders can be mobilised within hours. It is this experience that counts when attack methods change during a DDOS crisis.